Well, the ports should be open on both servers and when I tried it before, if I pointed a subdomain straight at server #2 without modifying the Caddyfile, the HTTP page would load properly without encryption. But if I changed the :80 in the Caddyfile to the actual subdomain, i.e. to HTTPS, it would no longer work and the Cloudflare page just told me that “The host cannot be reached”. I was expecting automatic certificate retrieval by Caddy and a translation of the HTTP content to HTTPS.
Are there caveats to using Caddy’s automatic HTTPS for different subdomains of the same domain? Each should be getting their individual certificate, right?
I can’t understand why the approach below didn’t work either (which is the reason why I ended up trying the solution described above):
- both servers have their own, separate Caddyfiles which only contain one site with its subdomain and the reverse_proxy directive to its local content
- the subdomains on Cloudflare point separately to the IPv6 addresses of the servers, hc.klo.ink to #1 and hc2.klo.ink to #2
- only the first Caddy instance to go up works while according to the logs the other one stayed in a loop trying and failing to solve the certificate challenges - like the Caddy certificate from the other server was somehow completely blocking it
- no wildcard domains in the Caddyfiles either